97 research outputs found

    Design and Experimental Evaluation of a Route Optimisation Solution for NEMO

    Get PDF
    An important requirement for Internet protocol (IP) networks to achieve the aim of ubiquitous connectivity is network mobility (NEMO). With NEMO support we can provide Internet access from mobile platforms, such as public transportation vehicles, to normal nodes that do not need to implement any special mobility protocol. The NEMO basic support protocol has been proposed in the IETF as a first solution to this problem, but this solution has severe performance limitations. This paper presents MIRON: Mobile IPv6 route optimization for NEMO, an approach to the problem of NEMO support that overcomes the limitations of the basic solution by combining two different modes of operation: a Proxy-MR and an address delegation with built-in routing mechanisms. This paper describes the design and rationale of the solution, with an experimental validation and performance evaluation based on an implementation.Publicad

    Network layer access control for context-aware IPv6 applications

    Get PDF
    As part of the Lancaster GUIDE II project, we have developed a novel wireless access point protocol designed to support the development of next generation mobile context-aware applications in our local environs. Once deployed, this architecture will allow ordinary citizens secure, accountable and convenient access to a set of tailored applications including location, multimedia and context based services, and the public Internet. Our architecture utilises packet marking and network level packet filtering techniques within a modified Mobile IPv6 protocol stack to perform access control over a range of wireless network technologies. In this paper, we describe the rationale for, and components of, our architecture and contrast our approach with other state-of-the- art systems. The paper also contains details of our current implementation work, including preliminary performance measurements

    M2M Communications for E-Health and Smart Grid: An Industry and Standard Perspective

    Get PDF
    An overview of several standardization activities for machine-to-machine (M2M) communications is presented, analyzing some of the enabling technologies and applications of M2M in industry sectors such as Smart Grid and e-Health. This summary and overview of the ongoing work in M2M from the industrial and standardization perspective complements the prevalent academic perspective of such publications to date in this field

    Design and Validation of Receiver Access Control in the Automatic Multicast Tunneling Environment

    Get PDF
    Standard IP multicast offers scalable point-to-multipoint delivery, but no control over who may send and who may receive the data stream. Participant Access Control has been developed by Islam and Atwood, but only for multicast-enabled network regions. Automatic Multicast Tunneling has been developed by the Internet Engineering Task Force. It extends the range of multicast data distribution to unicast-only network regions, but provides no Participant Access Control. We have designed the additional features that AMT must have, so that AMT has the necessary Participant Access Control at the receiver's end in the AMT environment. In addition, we have validated our design model using the AVISPA formal modeling tool, which confirms that the proposed design is secure

    Internet Authentication for Remote Access

    Get PDF
    It is expected that future IP devices will employ a variety of different network access technologies to gain ubiquitous connectivity. Currently there are no authentication protocols available that are lightweight, can be carried over arbitrary access networks, and are flexible enough to be re-used in the many different contexts that are likely to arise in future Internet remote access. Furthermore, existing access procedures need to be enhanced to offer protection against Denial-of-Service (DoS) attacks, and do not provide non-repudiation. In addition to being limited to specific access media, some of these protocols are limited to specific network topologies and are not scalable. This thesis reviews the authentication infrastructure challenges for future Internet remote access supporting ubiquitous client mobility, and proposes a series of solutions obtained by adapting and reinforcing security techniques arising from a variety of different sources. The focus is on entity authentication protocols that can be carried both by the IETF PANA authentication carrier and by the EAP mechanisms, and possibly making use of an AAA infrastructure. The core idea is to adapt authentication protocols arising from the mobile telecommunications sphere to Internet remote access. A proposal is also given for Internet access using a public key based authentication protocol. The subsequent security analysis of the proposed authentication protocols covers a variety of aspects, including: key freshness, DoS-resistance, and "false-entity-in-the-middle" attacks, in addition to identity privacy of users accessing the Internet via mobile devices. This work aims primarily at contributing to ongoing research on the authentication infrastructure for the Internet remote access environment, and at reviewing and adapting authentication solutions implemented in other spheres, for instance in mobile telecommunications systems, for use in Internet remote access networks supporting ubiquitous mobilit

    A prototype and demonstrator of Akogrimo’s architecture: An approach of merging grids, SOA, and the mobile Internet

    Full text link
    The trend of merging telecommunication infrastructures with traditional Information Technology (IT) infrastructures is ongoing and important for commercial service providers. The driver behind this development is, on one hand, the strong need for enhanced services and on the other hand, the need of telecommunication operators aiming at value-added service provisioning to a wide variety of customers. In the telecommunications sector, the IP Multimedia Subsystem (IMS) is a promising service platform, which may become a ''standard'' for supporting added-value services on top of the next generation network infrastructure. However, since its range of applicability is bound to SIP- enabled services, IMS extensions are being proposed by ''SIPifying'' applications. In parallel to these developments within the traditional IT sector, the notion of Virtual Organizations (VO) enabling collaborative businesses across organizational boundaries is addressed in the framework of Web Services (WS) standards implementing a Service-oriented Architecture (SOA). Here, concepts for controlled resource and service sharing based on WS and Semantic Technologies have been consolidated. Since the telecommunications sector has become, in the meantime ''mobile'', all concepts brought into this infrastructure must cope with the dynamics mobility brings in. Therefore, within the Akogrimo project the VO concept has been extended towards a Mobile Dynamic Virtual Organization (MDVO) concept, additionally considering key requirements of mobile users and resources. Especial attention is given to ensure the duality of the merge of both, SOA and IMS approaches to holistically support SOA-enabled mobile added-value services and their users. This work describes major results of the Akogrimo project, paying special attention to the overall Akogrimo architecture, the prototype implemented, and the key scenario in which the instantiated Akogrimo architecture shows a very clear picture of applicability, use, and an additional functional evaluation

    Defining the Behavior of IoT Devices through the MUD Standard: Review, Challenges, and Research Directions

    Get PDF
    With the strong development of the Internet of Things (IoT), the definition of IoT devices' intended behavior is key for an effective detection of potential cybersecurity attacks and threats in an increasingly connected environment. In 2019, the Manufacturer Usage Description (MUD) was standardized within the IETF as a data model and architecture for defining, obtaining and deploying MUD files, which describe the network behavioral profiles of IoT devices. While it has attracted a strong interest from academia, industry, and Standards Developing Organizations (SDOs), MUD is not yet widely deployed in real-world scenarios. In this work, we analyze the current research landscape around this standard, and describe some of the main challenges to be considered in the coming years to foster its adoption and deployment. Based on the literature analysis and our own experience in this area, we further describe potential research directions exploiting the MUD standard to encourage the development of secure IoT-enabled scenarios

    Design and Experimental Evaluation of a Route Optimization Solution for NEMO

    Full text link

    An identity based framework for security and privacy in pervasive networks

    Get PDF
    Master'sMASTER OF ENGINEERIN
    corecore